3 matches found
OpenEXR: Heap Overflow in Scanline Deep Data Parsing
A vulnerability was found in the Academy Software Foundation OpenEXR and requires that a malicious EXR file image is parsed by the target device or environment using OpenEXR. This issue occurs due to a failure in validating the number of scanline samples of an OpenEXR file containing deep scanlin...
AZL-62324 CVE-2023-5841 affecting package OpenEXR 2.3.0-6
Due to a failure in validating the number of scanline samples of a OpenEXR file containing deep scanline data, Academy Software Foundation OpenEX image parsing library version 3.2.1 and prior is susceptible to a heap-based buffer overflow vulnerability. This issue was resolved as of versions v3.2...
libtiff: invalid assertion
tifluv.c in libtiff allows attackers to cause a denial of service out-of-bounds write via an invalid number of samples per pixel in a LogL compressed TIFF image, a different vulnerability than CVE-2015-8782...